As budgets to send people to training and conferences began shrinking, Kevin Novak said he began looking for ways to address the mission of challenging security teams: teaching them new concepts, and contributing to their professional development through teaching. 

Plus, he added, they were not getting the kind of results he was expecting. Novak, managing director at Breakwater Solutions, said the athlete and coach in him was always looking to build on the concept of “team.” 

He shared how he started a DEF CON-style version of a security conference while he was chief information security officer at Northern Trust Bank during the CISO Stories podcast, produced by SC Media partner publication Security Weekly.

Click here to listen to episode 35 of the CISO Stories podcast: "Fiscally Responsible Ways to Train/Build Community."

Novak said he challenged his team to build a “Northern Trust” version of DEF CON. They came up with the idea to have the IT and security departments — anyone who’s really “geeky,” he said — to host sessions based on their personalities and interests. 

They didn’t try to dumb it down for people, Novak said. “The only rule we had is you could feel free to be as geeky as you want — to talk as technical as you want.”

By the fourth year, he said Northern Trust had about 150 people across the firm being trained by about 20 people.